CRITICAL🇵🇱 Wersja polska

CVE-2023-5908

CVSS 9.1v3.1pub. 2023-11-30upd. 2024-11-21

KEPServerEX is vulnerable to a buffer overflow which may allow an attacker to crash the product being accessed or leak information.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
  • Ge Industrial Gateway Server

    APP
    Ge
    ≤ 7.614
  • Ptc Keepserverex

    APP
    Ptc
    ≤ 6.14.263.0
  • Ptc Opc Aggregator

    APP
    Ptc
    ≤ 6.14
  • Ptc Thingworx Industrial Connectivity

    APP
    Ptc
    wszystkie wersje
  • Ptc Thingworx Kepware Edge

    APP
    Ptc
    ≤ 1.7
  • Ptc Thingworx Kepware Server

    APP
    Ptc
    ≤ 6.14.263.0
  • Rockwellautomation Kepserver Enterprise

    APP
    Rockwellautomation
    ≤ 6.14.263.0
  • Softwaretoolbox Top Server

    APP
    Softwaretoolbox
    ≤ 6.14.263.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Memory
CWE
References

Related vulnerabilities

CVE-2022-2825CRITICAL9.8ten sam produkt

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPS...

CVE-2022-2848CRITICAL9.1ten sam produkt

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPS...

CVE-2023-0755CRITICAL9.8ten sam produkt

The affected products are vulnerable to an improper validation of array index, which could allow an attacker ...

CVE-2023-0754CRITICAL9.8ten sam produkt

The affected products are vulnerable to an integer overflow or wraparound, which could  allow an attacker to ...

CVE-2020-27265CRITICAL9.8ten sam produkt

KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All ver...